| Descripción: | Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.
Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* A flaw was found in the way socket buffers (skb) requiring TSO (TCP
segment offloading) were handled by the sfc driver. If the skb did not fit
within the minimum-size of the transmission queue, the network card could
repeatedly reset itself. A remote attacker could use this flaw to cause a
denial of service. (CVE-2012-3412, Important)
* A use-after-free flaw was found in the xacct_add_tsk() function in the
Linux kernel's taskstats subsystem. A local, unprivileged user could use
this flaw to cause an information leak or a denial of service.
(CVE-2012-3510, Moderate)
* A buffer overflow flaw was found in the hfs_bnode_read() function in the
HFS Plus (HFS+) file system implementation in the Linux kernel. A local
user able to mount a specially-crafted HFS+ file system image could use
this flaw to cause a denial of service or escalate their privileges.
(CVE-2012-2319, Low)
Description truncated, please see the referenced URL(s) for more information.
Affected Software/OS:
kernel on Red Hat Enterprise Linux (v. 5 server)
Solution:
Please Install the Updated Packages.
CVSS Score:
7.8
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
